Export limit exceeded: 350749 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350749 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5724 | 1 Mirabilis | 1 Icq | 2026-04-23 | N/A |
| Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key. | ||||
| CVE-2006-6831 | 1 Alan Ward | 1 A-faq | 2026-04-23 | N/A |
| SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catcode parameter. | ||||
| CVE-2006-7116 | 1 Kubix | 1 Kubix | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the member_id parameter ($id variable) to index.php. | ||||
| CVE-2007-1015 | 1 Aktueldownload | 1 Aktueldownload Haber Script | 2026-04-23 | N/A |
| SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-7117 | 1 Kubix | 1 Kubix | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier allow remote attackers to (1) include and execute arbitrary local files via ".." sequences in the theme cookie to index.php, which is not properly handled by includes/head.php; and (2) read arbitrary files via ".." sequences in the file parameter in an add_dl action to adm_index.php, as demonstrated by reading connect.php. | ||||
| CVE-2007-3058 | 1 Madirish Webmail | 1 Madirish Webmail | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Madirish Webmail 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[basedir] parameter to (1) calendar.php, (2) compose.php, and (3) index.php, different vectors than CVE-2007-2826. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-7124 | 1 Joomla | 1 Bsq Sitestats | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter. | ||||
| CVE-2007-5511 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain. | ||||
| CVE-2007-6602 | 1 Noserub | 1 Noserub | 2026-04-23 | N/A |
| SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script. | ||||
| CVE-2006-7134 | 1 Noah Spurrier | 1 Upload Tool For Php | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6609 | 1 Coolplayer | 1 Coolplayer | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in CoolPlayer 217 and earlier allow user-assisted remote attackers to execute arbitrary code via a long (1) cTag or (2) cValue field in an OGG Vorbis file. | ||||
| CVE-2008-1687 | 1 Gnu | 1 M4 | 2026-04-23 | N/A |
| The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename. | ||||
| CVE-2006-7142 | 1 Utimaco | 1 Safeguard | 2026-04-23 | 7.8 High |
| The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive. | ||||
| CVE-2006-7150 | 1 Mambo | 1 Mambo Open Source | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php. | ||||
| CVE-2009-1385 | 3 Intel, Linux, Redhat | 6 E1000, Kernel, Linux Kernel and 3 more | 2026-04-23 | N/A |
| Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. | ||||
| CVE-2006-7159 | 2 Bti-tracker, Btitracker | 2 Bti-tracker, Btitracker | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via ".." sequences in the TORRENTSDIR parameter in a prune action. | ||||
| CVE-2009-3790 | 1 Cutepdf | 1 Formmax | 2026-04-23 | N/A |
| Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FormMax import (.aim) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-7167 | 1 Prorat | 1 Server | 2026-04-23 | N/A |
| Unspecified vulnerability in ProRat Server 1.9 Fix2 allows remote attackers to bypass the authentication mechanism for remote login via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-7174 | 1 Phpbb | 1 Dimension | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this may be the same issue as CVE-2006-5235. | ||||
| CVE-2006-7176 | 2 Redhat, Sendmail | 2 Enterprise Linux, Sendmail | 2026-04-23 | N/A |
| The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages. | ||||